The approach of building computing systems that can prevent general attacks or unwanted intrusions has not been very successful. Intrusion detection and response research has primarily concentrated on known and well-defined attacks. While intrusion detection systems have been deployed, they have been regularly circumvented for profit, espionage or sport, and there have been notable instances where this has occurred. In addition, because prior systems have relied upon known and well-defined attacks, they have shown little improvement in blocking new or novel attacks, such as the recent Melissa and I LoveYou viruses.
Intrusion attacks do not follow published protocols, are not well defined, and often take advantage of the element of surprise. Because of their successes, and the failure of intrusion detection technologies to provide the desired security or fault tolerance required by today's mission-critical applications, the development and deployment of a trusted computing base has been hampered. There are many reasons. Commercial products are mostly signature based and rely on pattern matching to identify specific attacks. Such systems tend to be inadequate in detecting new attacks or variances of known attacks. Intrusion detection research has largely focused on anomaly based detection approaches or specific attacks that have already been successful, and problems arise in defining anomalies or unknown attack methods and algorithms for identifying them.
Fault tolerance technologies have suffered because of their focus on accidental faults and malicious faults planted at the design or implementation stages. This focus allows some reasonable assumptions to be made regarding predictable fault behaviors, but may allow active intrusions when the behavior is under malicious control that attempts to skirt the assumptions. Alternatively, the attacks result in intrusions, which have not been considered or designed against in the traditional fault tolerance systems.
Existing fault tolerance work has mostly focused on well-defined hardware or software modules whose fault modes are relatively easy to define. Large distributed service infrastructures, such as those found in a database web server, may have more complex functions, but that may make it more susceptible to attack or more difficult to define fault modes.
Fault tolerance techniques have been developed for building better systems from scratch, but there is great value in protecting the existing commercial, off the shelf server systems. Built in tolerance may be a superior solution, but the current information infrastructure and existing web networks make it desirable to develop technologies for hardening existing infrastructures and building better new ones. Accordingly, it is an object of the present invention to provide a method and apparatus for an intrusion tolerance server system.
Another object of the present invention is to provide a method and apparatus for a dynamically reconfigurable intrusion-tolerant architecture to minimize the impact of any expected or actual intrusion.
It is a further object of the present invention to provide a method and apparatus for an intrusion intolerant server that is scalable so that it can be expanded to encompass networks of varying size.
It is a still further object of the present invention to provide a method and apparatus for an intrusion tolerant server system that is dynamically reconfigurable for creating intrusion tolerant systems out of existing commercial, off the shelf systems or for hardening existing systems.
It is a still further object of the present invention to provide a method and apparatus for applying fault tolerance approaches, including the acceptance test, redundancy and replication principles, on an information server.
It is a still further object of the present invention to provide a method and apparatus for providing reliable responses when one or more components of the network have been compromised or exhibit unpredictable behavior.
These and other objects and advantages of the present invention will become apparent to those of ordinary skill in the art from a consideration of the drawings and ensuing description.